EHR

News & Analysis as of

Massive Data Breach Affects 4.5 Million Patients in 29 States

Community Health Systems, Inc. (the “Company”), one of the largest hospital organizations in the country, announced via a public filing (Form 8K) made yesterday with the Securities and Exchange Commission (“Report”) that the...more

Hospital Operator Reports 4.5 Million Patients’ Data Stolen in Cyberattack

The Tennessee-based acute-care hospital chain Community Health Systems, Inc. (CHS), reported on August 18 that information on approximately 4.5 million patients was stolen from the company. CHS is one of the largest hospital...more

4.5 Million Patients’ Information Stolen by Hackers

Community Health Systems Inc. (“CHS”), a Tennessee-based hospital provider, has reported it was the target of data hackers who were able to obtain identification information belonging to approximately 4.5 million CHS...more

Community Health Systems' HIPAA Breach: Significant Lessons for Health Care and Non-Health Care Companies

On August 18, 2014, Community Health Systems, Inc. (CHS) publicly confirmed, in a filing with the Securities and Exchange Commission (CHS filing), that its computer network was attacked between April and June 2014 by hackers...more

CMS Paying Some Providers’ Medicare EHR Incentive Payment Using Incorrect Transition Factor

We have learned that CMS has paid Medicare EHR Incentive Program Payments to some eligible hospitals using an incorrect transition factor, understating total payment. CMS personnel have informed us that they are aware of this...more

Hospital Network Reports Large HIPAA Breach

Community Health Systems announced yesterday, August 18th, that hackers broke into its computers and stole data on 4.5 million patients. ...more

OIG Report Takes Issue With Oversight of Security Controls for Electronic Health Records

HHS Office of Inspector General (OIG) recently released a report concluding that the entity responsible for overseeing the testing and certification process for electronic health records (EHRs) did not fully ensure that...more

EEOC Sues Employer for Requiring Medical Details as Part of Sick Leave Approval

Employers that provide paid sick leave benefits often require doctors’ notes confirming the employee’s need to be out of work. Last month, the Equal Employment Opportunity Commission filed suit against a Pennsylvania employer...more

Massachusetts Enforces Data Security Regulations Against Out-of-State Entity

On July 23, 2014, the Massachusetts Attorney General announced a consent judgment with an out-of-state Rhode Island hospital, Women & Infants Hospital of Rhode Island (“WIH” or the “Hospital”), resolving a lawsuit against WIH...more

OIG Finds Privacy and Security Risks with ONC EHR Certification Process

It is ironic to learn the Office of Inspector General (OIG) believes the Office of the National Coordinator for Health Information Technology (ONC) essentially has an insufficient compliance program to maintain the privacy...more

Rhode Island Hospital’s Breach of Health Information Leads to Settlement with Massachusetts Attorney General

On July 23, 2014, the Massachusetts attorney general announced a settlement with Women & Infants Hospital of Rhode Island (WIH) over the loss of unencrypted backup tapes. WIH agreed to pay $150,000 and undertake numerous...more

Audit Trails: Pitfalls of Electronic Medical Records, Part III

I do not profess to be an expert in the complexities of metadata in an electronic medical record (EMR). In simple terms, it is analogous to leaving footprints in the sand; although these do not wash away with high tide. In...more

Appellate Court Rules Medical Information Must Actually Have Been Viewed by an Unauthorized Person for a Plaintiff to Recover...

The California Court of Appeal recently held that in order to recover under California’s Confidentiality of Medical Information Act (CMIA), Civ. Code §§ 56 et seq., a plaintiff must plead and prove that the “stolen medical...more

Health Care Update - July 2014 #3

In This Issue: - First Guidance following Hobby Lobby released - Implementation of the Affordable Care Act - Other Federal Regulatory Initiatives - Other Congressional and State...more

Health Update - July 2014

Avoiding the Regulatory Land Mines of Commercial ACOs - While providers are showing great interest in creating ACOs to participate in the Medicare Shared Savings Program (MSSP), they are showing even greater enthusiasm...more

10 Popular Reads Covering Latest European Union Developments

Recap of popular updates covering latest developments in the European Union....more

A Whistleblower Hotline can protect against medical identity theft

Last year, medical identity theft affected nearly two million Americans - 32% more than the year before. This is a staggering number! And considering that today, medical identity theft accounts for 43% of all identity theft...more

You Posted My Medical Information on Facebook?!?!?

The Americans with Disabilities Act (ADA) prohibits discrimination against qualified individuals and ensures equal opportunity for persons with disabilities in employment. An employer is required to make a reasonable...more

eHealth closer with electronic health privacy rules

eHealth is closer to become a reality in Italy with the approval by the Italian Data Protection of the decree providing the requirements for electronic health records systems. We had already discussed in this post...more

Health System Investigated for Leaving PHI in Doctor’s Driveway – Settles with OCR for $800K

While OCR enforcement activity has focused on a covered entity’s safeguarding of ePHI, organizations cannot forget about PHI in non-electronic form. To settle potential violations of the HIPAA Privacy Rule, Parkview Health...more

D’oh! OCR Confirms that Medical Records Should Not be Left in the Driveway

The most recent Office for Civil Rights (“OCR”) HIPAA enforcement action serves as an important reminder to health care providers of the security risks associated with a mishandled medical records custody transfer and the...more

FDA Issues New Draft Guidance on Medical Device Data Systems

On June 20, 2014, the Food and Drug Administration (FDA) issued draft guidance advising that the agency does not intend to enforce compliance with the regulatory controls that apply to medical device data systems, medical...more

Health Update - Jun 2014

Removing Regulatory Barriers to Accelerate EHR Adoption - Recognizing the potential long-term value of EHRs for improving care and reducing costs, many hospitals considered offering physicians financial support to...more

Five Lessons from OCR’s Report to Congress on Breaches and HIPAA Rules Compliance

Last week, the HHS Office of Civil Rights (OCR) released two reports required by the Health Information Technology for Economic and Clinical Health (HITECH) Act: (i) the Annual Report to Congress on Breaches of Unsecured...more

The New "Meaningful Use" Landscape: A Transition from Incentives to Penalties - CMS Begins Enforcing Penalties for Failure to...

Starting in 2015, eligible physicians and hospitals participating in the Medicare Electronic Health Records Incentive Program who do not adopt "meaningful" use" certified electronic health record (EHR) technology will no...more

144 Results
|
View per page
Page: of 6